The key point of the article is that most social P2P systems (Mastodon, Dat) are fully public and do not hide the user's data from the system administrator or physical infrastructure network.
This is at odds with how these systems are often "marketed" as tools for fighting against "The Government" or "The Corporations" -- when the open nature and lack of anonymization mechanisms of these tools expose those who are currently technically breaking the law (to prove a moral point) to be trivially detected by law enforcement.
I personally have considered running a few P2P nodes for fun, but the amount of moderating and administration I would need to do and the risk of the service being used for illegal purposes pushes me firmly in the camp of watching from a distance.
It should be noted that Mastodon is in the process of adding e2e encryption. And Matrix chat has implemented the ability for server admins (at least on synapse server) to enable e2e encryption by default for all rooms.
Even still, as long as accounts belong to specific servers, the relationship of user to server admin is still a little too close for comfort imo. Perhaps a simple business relationship of "you pay me and I host you" would help here.
Agreed. In matrix/synapse, even with e2e enabled the server gets a ton of metadata, including presence info. Also the identity server exposes quite a bit.
A decentralized social network should have trust-less servers. The servers should just store encrypted data and serve it up, without being exposed to the social graph and with other metadata minimised.
Identity should also be independent of servers (and hence DNS).
At the networking layer they will also need to use something like onion routing or a mix network to fully protect the social graph.
With that limitation, it would be impossible to replace the centralized services as the UX would be far worse. With modern web apps 100ms makes a difference in loading times.
This takes a while to digest. I've been hanging out on SSB (aka scuttlebutt) for a while now and I do enjoy the community. So this hits very close to home, and I guess it's good that it does.
The author, on the one hand, writes this in the concluding paragraph:
> Without cohesive organisation, mobilisation to harden security and privacy and without a sincere commitment from protocol designers to revise their collective assumptions, the push back from incumbent power will leverage each and every socio-technical flaw in each and every network.
But on the other hand they write:
> The moment demands not another protocol, not another manifesto, not another social network, but a savvy understanding of the political dynamics of protocols and the nakedness of today’s networks.
I guess that's a call for doing some serious stock-taking before writing the next (iteration of an existing) protocol? I'm fairly confident that the "solution" to this, if it is to be found, will have some technological component to it. But Cade Diehm is right in pointing out that that will not suffice, not by a long shot.
If we expect every (human-made) protocol to have flaws and vectors for "incumbent retaliation" like the bittorrent copyright suits of the 00s, then one way to side-step this would be to reduce the harm such tactics can do. Not saying that's easy, but establishing the social norm that copyright records won't get you into trouble when trying to find a job, that would be cool. There's a whole cultural aspect to this that has largely been confined to some niche cyberpunk (and even more niche, and frankly artistically lacking) solarpunk subcultures.
So where do we go from here? Do we "simply" design protocols and networks around them that don't allow siphoning off the entire traffic? Do we establish spaces (physical, mostly) where being "burned" by a copyright lawsuit won't matter, going full walkaway (look it up if you don't get the reference) or what should happen?
it's important to know that Dat & SSB are such a security hole. the thing about SSB in particular, though... is its main value prop:
this tool can be used on a sailboat with no web access
our worldwide, global, ungated internet may be the thing that leaves us quite soon.
postal mail was also subject to intrusive surveillance for as long as written words have been delivered by humans. submitting them to the internet, and expecting that we should somehow be blessed with total freedom from prying eyes may have been the mistake.
more networks could be the answer. distributed social groups. decentralized governance.
more countries could be the answer... if we want to abandon the central authorities and the power they concentrate.
it's clear from this point in history nothing will be the same again. but staying connected to the global net comes with obvious trade-offs for personal security.
A couple of networks that aim to improve Tor / I2P are Lokinet[1] and Yggdrasil[2].
And they each have their own messenger projects. Loki is running Session Messenger[3] and Yggdrasil is partnering with Matrix on their p2p project[4].
Personally, I think messaging protocols will be the foundation of every social application. A twitter feed for example is just a messaging channel with a bit of friction.
Original research, lots of intelligent concepts and good ideas, and a somewhat functional code base, but unfortunately more like a thesis and research grant generator than actually usable software:
https://gnunet.org/
It has the problem every research tool has: after the researcher has his PhD for some fancy algorithm and a proof of concept implementation, he leaves. It also never bothered to create the one reliably functioning killer use case that would attract power users and devs.
Based on gnunet, also good ideas, but largely in conceptual stage:
https://secushare.org/
Based on some ideas of gnunet, and actually usable, but quite limited, horrible Java program, and with the usual weird darknet contents:
https://freenetproject.org/
Wow, rarely seen such good writing on this topic. Encouraging to see that these ideas are well and alive and kept available until the impossible suddenly becomes possible.
AFAIK peer-to-peer is about preventing censorship, but the author seems to assume it is about preventing surveillance. So a large part of the criticism is missing the point.
Still, it is a problem that these systems are not preventing both and it is also a problem if users expect the latter but only get the former. Protocols need to be specific about their threat model.